CVE-2025-27488 – Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2025-27488

13 May 2025 — Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27488 • CWE-798: Use of Hard-coded Credentials •